Darthyw

DNS cannot resolve internet addresses

We have two Windows Server 2003 DCs running DNS that have been allowing name resolution of internet sites just fine for a few weeks.   I'll call them "DNS-1" and "DNS-2" for reference.  DNS-1 is the primary DNS server and the first DC we brought online.  Suddenly, yesterday the DNS servers quit resolving names of internet sites.  

If it helps we are currently running both this 2003 test AD domain and a production NT 4 domain (each domain trusts the other).  There are separate DNS servers on each domain.  As stated, a couple weeks ago when we set this up all name resolutions worked fine from either domain when using the DNS.  The same name records exist on the DNS servers in both domains.

There are not any blatant DNS errors in the Event logs for DNS or AD.  You can ping outside IP addresses just fine from either AD DNS servers, but it will not resolve names.  I've run NETDIAG and DCDIAG, and AD and DNS both come back with "pass" on the tests.  

I can't point to any recent changes in our network, so that doesn't seem to be the case, but because I see no errors on DNS-1 or DNS-2.

I've verified the DNS settings on the servers per Microsoft's "best practices for DNS", and this thing worked great with no real explanation as to the sudden problems...

I'm no DNS expert, so any advice on additional troubleshooting tools, etc.
ASKER CERTIFIED SOLUTION
wesly_chen
methabhaya


This could mean that you have a TCP/IP stack corruption, since you say that there were no changes done and it suddenly stopped working.

You could try to remove the network card drivers and TCP/IP and re-install those.

Before that check the config on the DNS server if you have a backup on the day that worked to compare and see what changed.

Also make sure there were no other changes done on that machine that could have caused this.
I would also run a spyware and virus check to make sure nothing like that has caused this.
I once had a 2k Server with an infection called w32 hostblock, that made the hosts file in the C:\WINNT\system32\drivers\etc folder slightly corrupt. Mainly the line

local host              127.0.0.1

As DNS lookups try this file before DNSMGMT.exe does its thing, even with 2k Server. It can prevent name resolution from taking place properly. As it did in this one-off instance for me.
As wesly_chen above said, if you are using forwarders you must be able to ping them, although I am sure you have probably done that.

Good Luck
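
Added example, not part of the original thread or any poster's code: a small Python audit for the kind of hosts-file damage the post above describes, meant to be run against a copy of `C:\WINNT\system32\drivers\etc\hosts`. The function name `audit_hosts` and the sample file content are constructed for illustration.

```python
import ipaddress

LOCAL_NAMES = {"localhost", "localhost.localdomain"}

def audit_hosts(text):
    """Return a list of (line_number, reason, line) findings for hosts-file text."""
    findings = []
    for num, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            # First field must be the address; reversed or damaged entries land here.
            findings.append((num, "first field is not an IP address", raw.strip()))
            continue
        names = [n.lower() for n in fields[1:]]
        if not names:
            findings.append((num, "address with no host name", raw.strip()))
            continue
        sink = addr.is_loopback or addr.is_unspecified
        for name in names:
            if name in LOCAL_NAMES and not addr.is_loopback:
                findings.append((num, "localhost mapped off loopback", raw.strip()))
            elif name not in LOCAL_NAMES and sink:
                # A non-local name pinned to 127.0.0.1 or 0.0.0.0 is answered
                # from this file, so the DNS server is never asked for it.
                findings.append((num, f"{name} pinned to {addr}", raw.strip()))
    return findings

# Constructed sample input, not taken from a real system.
SAMPLE = """\
# Copyright (c) Microsoft Corp.
127.0.0.1       localhost
local host      127.0.0.1
127.0.0.1       update.example.com   # constructed entry
10.0.0.5        localhost
192.0.2.10      intranet.example.com
"""

if __name__ == "__main__":
    for num, reason, line in audit_hosts(SAMPLE):
        print(f"line {num}: {reason}: {line}")
```

Comparing the findings against a known-good backup of the file shows whether the entries were changed recently.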
Darthyw

ASKER

Thanks for the prompt information, but forwarding seems to have been the issue, which another engineer here was suspecting. However, we don't have forwarding set up in DNS on the NT 4.0 domain, so it was throwing us for a loop. I don't know how it's been working for a week.